[Secure-testing-team] Etch security bug hunting season opened

Moritz Muehlenhoff jmm at inutil.org
Mon Aug 14 19:12:54 UTC 2006

I started to raise severities of several security bugs. Unfortunately
many maintainers only care for these :-/

Please also file bugs for code duplication (embedding a copy) and
package duplication (needlessly introducing multiple versions in
a stable release), with at least severity important and keep me
posted. We really need to have Etch is a better security maintainability
than the current Sarge situation.

And please also have an eye for packages, which are too buggy to
release security-wise. Crap like oftpd, elog or mantis should never
have entered the archive at the first glance.


More information about the Secure-testing-team mailing list